Preguntas de entrevista para Open Source Engineer en Seal Security

Ir al contenido Ir al pie de página

Seal Security

Entrevistas

Entrevista para Open Source Engineer

18 dic 2024

Candidato de entrevista anónimo

Sin ofertas

Experiencia neutra

Entrevista difícil

Solicitud

Me postulé en línea. El proceso tomó 2 semanas. Acudí a una entrevista en Seal Security (Tel Aviv) en dic 2024

Entrevista

i got an email with a home task attachment. in the task you need to fix tough-cookie 2.5.0 (without upgrading to 4.1.3. version) so the application will not be affected by CVE-2023-26136 i had 3 days to complete i still didnt got a review.

Preguntas de entrevista [1]

Pregunta 1

As part of their web application written in Node.JS, Penguin uses tough-cookie 2.5.0 to process their clients' cookies. Unfortunately, it is affected by CVE-2023-26136, rated as a critical vulnerability by NIST's NVD. According to the vulnerability advisory, the only way to solve the issue is by upgrading to 4.1.3. However, the Penguins feel shorthanded (pun intended) and don't have the necessary capacity to adjust their code to work with the new version of tough-cookie. In order to help them, our goal is to create a customized version of tough-cookie 2.5.0 which is not vulnerable to CVE-2023-26136.

Responder pregunta

Búsquedas relacionadas: Evaluaciones de Seal Security | Empleos en Seal Security | Sueldos en Seal Security | Prestaciones en Seal Security

Entrevistas en Seal Security Entrevistas para el cargo de Open Source Engineer en Seal Security Entrevista en Seal Security

Seal Security

Entrevista para Open Source Engineer

Empresas seguidas

Búsquedas de empleo

Entrevista para Open Source Engineer